[vpn-help] [Question] Shrew VPN client with Win7 - Netscreen SSG5
Wo Chong
wo.chong at edison.com.hk
Wed Aug 18 16:37:44 CDT 2010
Dear Mathew,
First, thanks for your reply, but what I found in the test is:
1. The Remote PC (with Win7 OS) was success retrieve the IP (192.168.1.100)
from the netscreen ip pool
2. I install the sniffer software in the local pc (with windows
xp,192.168.111.10, sniffer software was using wireshark), I saw the icmp
request was success sent to the local pc, but I cannot found the reply from
the local pc.
3. I had setup another local pc (windows xp, 192.168.111.20) and try to ping
the 192.168.111.10 and it was success to get the reply, and I can saw the
icmp-echo and reply log in the sniffer log.
Thanks!
Br,
Wo
----- Original Message -----
From: "Matthew Grooms" <mgrooms at shrew.net>
To: "Wo Chong" <wo.chong at edison.com.hk>
Cc: <vpn-help at lists.shrew.net>
Sent: Tuesday, August 17, 2010 10:01 PM
Subject: Re: [vpn-help] [Question] Shrew VPN client with Win7 - Netscreen
SSG5
> On 8/17/2010 1:17 PM, Wo Chong wrote:
>> Recently, I setup a test lab in our office, with the settings below:
>> Local office:
>> Wan: 192.168.0.118 (DHCP)
>> LAN: 192.168.1.1
>> IPPool:10.2.3.5 ~ 10.2.3.10
>> Remote Client ip: 192.168.0.147
>> I had success to dialup and retrieve the ip from the netscreen, but the
>> client pc was fail to ping the pc/server behind the juniper firewall,
>> please let me know how to troubleshoot the case?
>
> I would start by looking at the debug level log output using the VPN trace
> application.
>
> http://www.shrew.net/support/wiki/BugReportVpnWindows
>
> My guess is that you are passing phase1 but phase2 negotiation is failing.
>
> -Matthew
>
More information about the vpn-help
mailing list